IT Security & Privacy

Two privacy determinations released Thursday by the Australian Privacy Commissioner found that health service providers Medmate and Monash IVF interfered with individuals' privacy through their use of third-party tracking pixels. The decisions conclude a year-long investigation by the Office of the Australian Information Commissioner into how the two companies collected information from visitors to websites offering telehealth and fertility services.

The video game industry has become one of the largest and most data-intensive sectors of the digital economy. European privacy regulators are now signaling that the industry's rapid technological evolution must be matched by equally mature approaches to data protection.

The Cybersecurity and Infrastructure Security Agency on Wednesday issued Binding Operational Directive 26-04, requiring federal civilian agencies to prioritize security updates according to risk rather than treating vulnerabilities as a largely uniform backlog of technical debt.

The regulatory reckoning for Coupang has become considerably more expensive. South Korea's Personal Information Protection Commission (PIPC) has imposed penalties totaling $455 million (624.6 billion won) against the e-commerce giant following a data breach that exposed the personal information of roughly 37.5 million users, according to BBC reporting. The sanctions represent the largest privacy-related penalty ever issued in South Korea.

Norway's data protection authority has imposed a €1.7 million (NOK 20 million) administrative fine on Elkjøp after finding multiple violations of the General Data Protection Regulation (GDPR) related to the retailer's customer club, a program used by millions of consumers across the Nordic region.

A software flaw in ServiceNow's cloud platform allowed unauthorized access to customer data stored in certain enterprise environments, prompting the company to issue a patch and notify affected customers after security researchers uncovered the vulnerability. The issue involved a bug that enabled unauthenticated users to access data in some customer instances without providing credentials. According to a ServiceNow article shared publicly by users after being placed behind a customer login wall, the company deployed fixes on June 5 to address a flaw that allowed users to gain greater access to ServiceNow-hosted data than intended.

South Korea's financial regulator is asking some of the country's largest financial institutions to prepare for a future in which artificial intelligence is no longer simply a productivity tool but a weapon. At a meeting in Seoul, Financial Services Commission Chairman Lee Eog-weon met with the chief executives of five major financial holding companies to discuss a problem confronting regulators around the world. The same technologies banks hope will make operations faster and more efficient are also making scams more convincing, cyberattacks more sophisticated, and fraud harder to detect.